Bugcrowd Blog

For nearly two decades, online retail pioneer Overstock.com has used technology to help its customers find the home goods and furniture they want, at the best possible prices. As part of its efforts to maintain its customers’ trust through accountable and transparent IT Security practices, Overstock regularly engages with the security community and participates in

Today we are excited to announce Vulnerability Remediation Advice, our newest feature on Crowdcontrol™! With Vulnerability Remediation Advice, Development and Security can accelerate the remediation process, introducing secure coding methodologies that help educate development, improve code velocity and reduce risk. Vulnerability management is a security best practice, but true risk reduction only occurs when the

There is no doubt that the bug bounty industry is growing quickly, yet in spite of this (or perhaps because of it), it’s still novel to many. One area especially near and dear to my heart is on the triage side. As the Sr. Director of Security Operations at Bugcrowd, I oversee the team of

If you do a Google Image Search against the word hacker, you’ll get images of scary-looking balaclava-clad cybercriminals hunched over a quintessentially green computer terminal. They’re up to no good… Stealing your data, crashing critical systems, or causing general Internet badness. In reality, the word “hacker” applies to a much broader group of people, one

This blog is authored by a customer, Teza Mukkavilli, head of information security at Upwork, and first appeared on the Upwork Blog. Upwork places an extremely high priority on data security. As Upwork’s head of information security, I am constantly thinking about how to keep our site as secure as possible so that our freelancers and clients can

I always like attending the annual Gartner Security and Risk Management in Washington DC because a) I get to do a run around the National Mall and White House, and b) I get to hear what the Gartner analysts are telling their customers. Love ‘em or hate ‘em, Gartner has a lot of mindshare at

Over the past months, we’ve addressed the bug bounty misconceptions outlined in our recent guide, 7 Bug Bounty Myths, Busted. So far we’ve…
- Discussed the misconception that bug bounties are all public
- Examined the types of companies engaging with the bug bounty model
- Debunked the perception some have that bug bounties are too risky
- Talked

It has been a very busy and exciting year for Bugcrowd and things show no sign of slowing down! Right now, we’re getting ready to head out to Hacker Summer Camp in Las Vegas to showcase what we’ve been working on. Black Hat USA and DEF CON 26 will be here before you know it and